Powered by BlogRoll
This work is licensed under a Creative Commons License.
Who Links Here?
Click here to see who's linking to this site.
Powered by WhoLinksToMe.com.
Have a nice day ahead!
many thx for good post here
blog walking here
nice to se you
I like your site
nice to see you friends
nice site
new online investment
travel jakarta bandung
learning and sharing
travel bus Indonesia
the secret success
internet sehat & manfaat
indonesia webhosting
internet sehat
internet sehat
more Blogger Indonesia dukung internet aman, sehat & manfaat
blogwalking here buddy
awesome blogs …i like it
thank
INQ7 reports that alleged hacker, JJ Maria Giner, has filed a motion which led to the suspension of the criminal case filed against him for hacking. The Department of Justice alleges that Mr. Giner hacked government websites. I haven’t read through the charge sheet but I do know that the primary basis for the prosecution of Mr. Giner is the affidavit he submitted to the DOJ. The INQ7 report says:
In his counter-affidavit, Giner admitted to sending an e-mail to the National Economic and Development Authority (NEDA), informing the agency about the vulnerability of its website to hackers. With this admission, he argued that if he had the intention of destroying or corrupting the system, he would not have informed the agency.
So, it is Mr. Giner’s defense that he did break into the government websites but he did so in order to substantiate his emails to them that those government sites had security vulnerabilities. He thought he was doing them a favor. After all, the government IT managers would have ignored his emails if he didn’t demonstrate the vulnerabilities. The subsequent emails indicate he was acting with good intentions (among many that line the path to hell, as they say).
Of course, the DOJ’s response is: “The law doesn’t require intent in order to commit the crime of hacking.” I’m afraid I’ll have to agree with the DOJ here. There is a string of Supreme Court decisions saying that crimes spelled out in “special laws” are mala prohibita — a lawyerly phrase which means, even if you didn’t mean to do the act, you’ll still be held accountable.
But I digress.
My point is that for all the publicity surrounding it, this is a bad test case for the government for the following reasons:
(a) This case does nothing to show that the Philippine government can effectively investigate and collect evidence against hackers. As admitted by the DOJ itself, their main evidence was supplied by the accused.
(b) The fact that he’s a white-hat hacker makes it worse. What he did was harmless and in fact, he intended to help out the government agencies concerned. Sure, he did break the law but government should run after black hat hackers — technically proficient people who act malevolently and without regard to the damage they cause.
Script kiddies and white-hat hackers like Mr. Giner should be given a 30-day seminar on ethical computing and be required to listen to Kenny G (or Kenny Rogers) for the duration. That’s punishment enough.
Government will make Giner an example. They are in full force against one Pinoy hacker while hundreds of foreign hackers are making fun of our government sites. This has happened because government people and consultants would like to look good but in reality they are not doing anything except to waste the taxpayers' money.
There are also NGOs that do nothing but try to look good like their government counterparts. PICS for example are just riding the waves to make them look credible again. Hay naku!
Posted by Jack at May 19, 2005, 4:22 pmWhen I was working with NEDA a while back, I was also contacted by a well-known white-hat hacker (whom I believe is Mr. Giner himself) claiming that our system was riddled with vulnerabilities. While I wasn't the head of our IT group, I was known to be connected with NEDA, and I'd been doing my rounds in the pinoy blogging circles. I checked it out, and indeed, we were vulnerable. Our SysAd related to me how the info that the hacker had been sharing was useful in improving on our security.
I think the world should be thankful for such people who have capacity to seek out these vulnerabilities, and still choose not to exploit them malevolently. This is where we separate the "hackers' from the "crackers," the latter being those with capacity but who intend and do carry out malevolent deeds (like steal passwords, information, etc.)
There are "Certified Ethical Hacker" courses available with some of our leading IT Education institutions, and we should encourage IT specialists to take on the challenge of improving cyber-security.
And I do agree that it may be best for DOJ to set up a plea bargain, asking Mr. Giner, in exchange, to conduct seminars with Gov't IT officials and specialists. Heck, he could even make a career out of this. Big IT firms in the west are even known to hire capable hackers into their security teams.
Posted by jangelo at May 20, 2005, 1:38 pmHi, I was wondering, Is hacking prohibited in this country? What if I just want to help out, like testing if the system is ok?
Do I have to get an ethical hacki9ng certification to hack systems?
THakns!!
you could repply at twinkles_212@yahoo.com
by the way, I worked on this Calliope before on DotPH mr, Disini, hehe
Posted by Twinkles at September 20, 2006, 11:30 am
I know the guy, he's a close friend of my best friend back in Iloilo. I only met him once. He even had a site on one of our servers at plogHost and I am not a bit worried. He's a good guy who happens to think he was doing the Gov't a favor but ended on the wrong side of the fence.
Posted by Abe Olandres at May 19, 2005, 3:17 pm